[vchkpw] vpopmail under different uids
Hi, Could anyone point me to some documentation about running different uid for different domains? I got lot of permission denied problems using vpopmail, courier and maildrop :( TIA Solt
[vchkpw] vchkpw/vmysql and Mysql 5 with courier -authlib
I don't know if this is a limit of this useful patch (I don't think so), or more likely of the vpopmail library (I feel could be), or yet of courier authdaemon, but after more than ten days of successfull running, I've got this error: Jul 11 16:24:33 myserver authdaemond: ^GOut of memory (Needed 8164 bytes) Jul 11 16:24:33 myserver authdaemond: vmysql: sql error[3]: Jul 11 16:24:33 myserver authdaemond: Attempting to rebuild connection to SQL server Jul 11 16:24:33 myserver authdaemond: ^GOut of memory (Needed 8164 bytes) Jul 11 16:24:33 myserver authdaemond: vmysql: connection rebuild failed: So, I'm adding an authdaemon restart each morning (early) to solve the problem. Note: after stopping and restarting courier authdaemon, 1200 MB of system memory have been released (here I have 4GB of system memory). I feel like vpopmail calls just alloc() memory and never release it, as they have been probably designed for one shot program. When they are used within a permanent service, calling them dozen thousands times, they waste memory and cause problems. Any one else if watching his courier authdaemon growing? Tonino At 21.20 29/06/2006, you wrote: This patch is in the upcoming 5.4.17 release. -Tom On May 29, 2006, at 7:05 AM, Ron Gage wrote: Greetings: I don't know if anyone in here is encountering this problem (yet), but it has been affecting me for the past few weeks - ever since I upgraded my MySQL server to 5.0.19. It took quite a bit of digging, but I believe I have found the problem. To describe the problem: when you run vpopmail in MySQL mode, with courier-authdaemond and MySQL v5.0 or later, you will find that for the first 8 hours, everything works just fine, but after 8 hours, nobody will be able to authenticate to the email server and you will see MySQL server has gone away errors in the maillog. The cause of the problem is that in MySQL 5.0 (and probably some 4.1 releases), MySQL implements a new timeout definition for connections, a timeout that ignores traffic. This timeout will shut down the socket thread from the MySQL side. The problem is that the client (vchkpw and friends) do not know/understand about this timeout and socket termination so they continue on in ignorate bliss until they try to send to the socket and find that it's no longer valid - literally the server has gone away. The fix is to simply destroy the internal flags and file handles related to that socket, rebuild a new one, and try again. The included patch (inline and attached) implements this fix. Please note that there doesn't appear to be any way at this time to disable the timeout feature in MySQL. Please feel free to comment, tear apart, beat up, or otherwise rip to shreads my fix! -- Ron Gage (LPIC1 MCP A+ Net+) Westland, Michigan --- vmysql.c~ 2006-05-29 10:17:20.0 -0400 +++ vmysql.c2006-05-29 10:17:20.0 -0400 @@ -465,7 +465,31 @@ ); if (mysql_query(mysql_read,SqlBufRead)) { fprintf(stderr, vmysql: sql error[3]: %s\n, mysql_error(mysql_read)); -return(NULL); +/* Ron Gage - May 29, 2006 - With newer versions of MySQL, there is such a thing +as a connection timeout regardless of activity. By default under MySQL 5, this +timeout is 28800 seconds (8 hours). If your vpopmail system runs fine for the +first 8 hours, then stops authenticating, this timeout is your problem (especially +under authdaemond). + +What this code does is when an error is encountered, it first tries to drop and +rebuild a connection to the SQL server and tries again. If this second attempt +fails, then something other than the connection timeout is the problem. This fix +need to be implemented in other places but in my setup (Slackware 10.2, netqmail, +vpopmail, courier-authdaemond, courier-imapd and a few others), this is always where +the auth attempt died with a SQL server has gone away error. +*/ + +fprintf(stderr, Attempting to rebuild connection to SQL server\n); +vclose(); +verrori = 0; +if ( (err=vauth_open_read()) != 0 ) { + verrori = err; + return(NULL); +} +if (mysql_query(mysql_read, SqlBufRead)) { + fprintf (stderr, vmysql: connection rebuild failed: %s\n, mysql_error(mysql_read)); + return(NULL); +} } if (!(res_read = mysql_store_result(mysql_read))) { This message was sent using IMP, the Internet Messaging Program. vmysql.diff
Re: [vchkpw] That domain isn't in my list of allowed rcpthosts
MT wrote: The mail server resides at a 172.16.0 net and the client machines at a 192.168.2.0 net. If I have understood the documentation correctly, vpopmail must be configured with --enable-roaming-users if the client machines are on a different net. Correct? No. If you have clients at static IP's like 192.168.2.0 network then use the RELAYCLIENT entry like below. The entry in /home/vpopmail/etc/tcp.smtp is 172.16.0.:allow,RELAYCLIENT= and I have done qmailctl cdb qmailctl stop /var/vpopmail/bin/clearopensmtp qmailctl start Maybe I'm missing something too but shouldn't the contents of the tcp.smtp file say: 192.168.2.:allow,RELAYCLIENT= since the connections are coming FROM the 192 network? This is what you want, the client IP addresses. snip -- Ken Jones
[vchkpw] Qmail Relaying
I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldnt be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ smime.p7s Description: S/MIME cryptographic signature
Re: [vchkpw] Qmail Relaying
On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn’t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/
[vchkpw] Vpopmail 5.4.17 Released
https://sourceforge.net/project/showfiles.php? group_id=85937package_id=89115release_id=431536 5.4.17 - released 12-Jul-06 Release Notes: Lots of fixes to bugs in the 5.4.16 release, some caused by the back- ported code from the 5.5 development series. This release resolves all known problems with 5.4.16. ChangeLog: Rick Widmer - vpopmaild: remove debug output from find_domain function. - vpopmail: fix segfault in users/assign sorting code caused by entries that don't contain a dot (.). [1514733] Jeremy Kister - vdelivermail: pass qmail-inject's error code instead of always deferring. [1484105] Ron Gage - vmysql: reconnect to server if connection timed out. Rolf Eike Beer - vchangepw: add error checking and other code improvements. [1371572] - change API for vgetpasswd() to make more sense. [1371566] - Update del_control() to properly handle remove_lines() return value. [1514613] - vpopmail: minor improvements to remove_lines(). [1371536] secnetdk - vmysql, vpgsql: remove entries from vlog when deleting a domain or a user. [1099800, 995762] Michael Krieger - vcdb, vpopmail: pass mode to open() when creating files. Fixes bug where lock files were created with permissions. [1499043] - vpalias: set mydir to NULL after closing it. [1499045] Tom Collins - vpalias: don't trash alias name passed to valias_insert(). [1491087] - vpopmaild: don't show last auth if auth-logging disabled. [1511313] - Only include err.h if it's present. [1484110] - vpgsql: convert domain name to lower case when creating table name. [1227383] - vpopmail: fix minor error in remove_lines() when file locking not defined.
[vchkpw] Relaying
I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldnt be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ smime.p7s Description: S/MIME cryptographic signature
RE: [vchkpw] Qmail Relaying
Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ smime.p7s Description: S/MIME cryptographic signature
RE: [vchkpw] Qmail Relaying
On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/
RE: [vchkpw] Qmail Relaying
Sorry for the duplicates guys, I'm having troubles with email server, as you can see. This is the error that I get: Your message did not reach some or all of the intended recipients. Subject: hey Sent: 7/12/2006 2:16 PM The following recipient(s) could not be reached: '[EMAIL PROTECTED]' on 7/12/2006 2:16 PM 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Austin Jorden [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 2:09 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying Importance: High Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ smime.p7s Description: S/MIME cryptographic signature
RE: [vchkpw] Qmail Relaying
My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ smime.p7s Description: S/MIME cryptographic signature
Re: [vchkpw] vchkpw/vmysql and Mysql 5 with courier -authlib
At 18.24 12/07/2006, you wrote: The vpopmail module to authdaemon is might be missing the vpopmail vclose() function. I'm giving a fast look, but I don't see either close and open :-( . If so, then every connection to the authdaemon would open a new mysql connection, which allocates memory. Then without the vclose the memory never gets released and eventually runs out of memory. This is what authdaemon should not do. It open a first time for each child and then use the sames connection always (apart from the eight hours problem). So it must be something after the connect phase, something called thousands times. I'm trying to check, but I'll do better next week. Thanks, Tonino Ken Jones tonix (Antonio Nati) wrote: I don't know if this is a limit of this useful patch (I don't think so), or more likely of the vpopmail library (I feel could be), or yet of courier authdaemon, but after more than ten days of successfull running, I've got this error: Jul 11 16:24:33 myserver authdaemond: ^GOut of memory (Needed 8164 bytes) Jul 11 16:24:33 myserver authdaemond: vmysql: sql error[3]: Jul 11 16:24:33 myserver authdaemond: Attempting to rebuild connection to SQL server Jul 11 16:24:33 myserver authdaemond: ^GOut of memory (Needed 8164 bytes) Jul 11 16:24:33 myserver authdaemond: vmysql: connection rebuild failed: So, I'm adding an authdaemon restart each morning (early) to solve the problem. Note: after stopping and restarting courier authdaemon, 1200 MB of system memory have been released (here I have 4GB of system memory). I feel like vpopmail calls just alloc() memory and never release it, as they have been probably designed for one shot program. When they are used within a permanent service, calling them dozen thousands times, they waste memory and cause problems. Any one else if watching his courier authdaemon growing? Tonino At 21.20 29/06/2006, you wrote: This patch is in the upcoming 5.4.17 release. -Tom On May 29, 2006, at 7:05 AM, Ron Gage wrote: Greetings: I don't know if anyone in here is encountering this problem (yet), but it has been affecting me for the past few weeks - ever since I upgraded my MySQL server to 5.0.19. It took quite a bit of digging, but I believe I have found the problem. To describe the problem: when you run vpopmail in MySQL mode, with courier-authdaemond and MySQL v5.0 or later, you will find that for the first 8 hours, everything works just fine, but after 8 hours, nobody will be able to authenticate to the email server and you will see MySQL server has gone away errors in the maillog. The cause of the problem is that in MySQL 5.0 (and probably some 4.1 releases), MySQL implements a new timeout definition for connections, a timeout that ignores traffic. This timeout will shut down the socket thread from the MySQL side. The problem is that the client (vchkpw and friends) do not know/understand about this timeout and socket termination so they continue on in ignorate bliss until they try to send to the socket and find that it's no longer valid - literally the server has gone away. The fix is to simply destroy the internal flags and file handles related to that socket, rebuild a new one, and try again. The included patch (inline and attached) implements this fix. Please note that there doesn't appear to be any way at this time to disable the timeout feature in MySQL. Please feel free to comment, tear apart, beat up, or otherwise rip to shreads my fix! -- Ron Gage (LPIC1 MCP A+ Net+) Westland, Michigan --- vmysql.c~ 2006-05-29 10:17:20.0 -0400 +++ vmysql.c2006-05-29 10:17:20.0 -0400 @@ -465,7 +465,31 @@ ); if (mysql_query(mysql_read,SqlBufRead)) { fprintf(stderr, vmysql: sql error[3]: %s\n, mysql_error(mysql_read)); -return(NULL); +/* Ron Gage - May 29, 2006 - With newer versions of MySQL, there is such a thing +as a connection timeout regardless of activity. By default under MySQL 5, this +timeout is 28800 seconds (8 hours). If your vpopmail system runs fine for the +first 8 hours, then stops authenticating, this timeout is your problem (especially +under authdaemond). + +What this code does is when an error is encountered, it first tries to drop and +rebuild a connection to the SQL server and tries again. If this second attempt +fails, then something other than the connection timeout is the problem. This fix +need to be implemented in other places but in my setup (Slackware 10.2, netqmail, +vpopmail, courier-authdaemond, courier-imapd and a few others), this is always where +the auth attempt died with a SQL server has gone away error. +*/ + +fprintf(stderr, Attempting to rebuild connection to SQL server\n); +vclose(); +verrori = 0; +if ( (err=vauth_open_read()) != 0 ) { + verrori = err; +
RE: [vchkpw] Qmail Relaying
On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/
RE: [vchkpw] Qmail Relaying
Ohhh, Okay. I completely understand. Sorry for such confusion. I actually used QmailRocks.org, the installation guide. Would you be able to tell me how to let a certain IP address range relay? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ smime.p7s Description: S/MIME cryptographic signature
Re: [vchkpw] vchkpw/vmysql and Mysql 5 with courier -authlib
At 18.24 12/07/2006, you wrote: The vpopmail module to authdaemon is might be missing the vpopmail vclose() function. At a first look, you are right. Following is the code related to closing connection. static void authvchkpwclose() { } It lacks any code relative to vpopmail vclose. But in my logs I don't have any reconnect trace, so I suppose authdaemon is always using the same connection (and I see it is growing anyway). The memory abuse must be elsewhere. Is anyone using authdaemon mysql authentication and having the same problems? Tonino If so, then every connection to the authdaemon would open a new mysql connection, which allocates memory. Then without the vclose the memory never gets released and eventually runs out of memory. Ken Jones tonix (Antonio Nati) wrote: I don't know if this is a limit of this useful patch (I don't think so), or more likely of the vpopmail library (I feel could be), or yet of courier authdaemon, but after more than ten days of successfull running, I've got this error: Jul 11 16:24:33 myserver authdaemond: ^GOut of memory (Needed 8164 bytes) Jul 11 16:24:33 myserver authdaemond: vmysql: sql error[3]: Jul 11 16:24:33 myserver authdaemond: Attempting to rebuild connection to SQL server Jul 11 16:24:33 myserver authdaemond: ^GOut of memory (Needed 8164 bytes) Jul 11 16:24:33 myserver authdaemond: vmysql: connection rebuild failed: So, I'm adding an authdaemon restart each morning (early) to solve the problem. Note: after stopping and restarting courier authdaemon, 1200 MB of system memory have been released (here I have 4GB of system memory). I feel like vpopmail calls just alloc() memory and never release it, as they have been probably designed for one shot program. When they are used within a permanent service, calling them dozen thousands times, they waste memory and cause problems. Any one else if watching his courier authdaemon growing? Tonino At 21.20 29/06/2006, you wrote: This patch is in the upcoming 5.4.17 release. -Tom On May 29, 2006, at 7:05 AM, Ron Gage wrote: Greetings: I don't know if anyone in here is encountering this problem (yet), but it has been affecting me for the past few weeks - ever since I upgraded my MySQL server to 5.0.19. It took quite a bit of digging, but I believe I have found the problem. To describe the problem: when you run vpopmail in MySQL mode, with courier-authdaemond and MySQL v5.0 or later, you will find that for the first 8 hours, everything works just fine, but after 8 hours, nobody will be able to authenticate to the email server and you will see MySQL server has gone away errors in the maillog. The cause of the problem is that in MySQL 5.0 (and probably some 4.1 releases), MySQL implements a new timeout definition for connections, a timeout that ignores traffic. This timeout will shut down the socket thread from the MySQL side. The problem is that the client (vchkpw and friends) do not know/understand about this timeout and socket termination so they continue on in ignorate bliss until they try to send to the socket and find that it's no longer valid - literally the server has gone away. The fix is to simply destroy the internal flags and file handles related to that socket, rebuild a new one, and try again. The included patch (inline and attached) implements this fix. Please note that there doesn't appear to be any way at this time to disable the timeout feature in MySQL. Please feel free to comment, tear apart, beat up, or otherwise rip to shreads my fix! -- Ron Gage (LPIC1 MCP A+ Net+) Westland, Michigan --- vmysql.c~ 2006-05-29 10:17:20.0 -0400 +++ vmysql.c 2006-05-29 10:17:20.0 -0400 @@ -465,7 +465,31 @@ ); if (mysql_query(mysql_read,SqlBufRead)) { fprintf(stderr, vmysql: sql error[3]: %s\n, mysql_error(mysql_read)); - return(NULL); + /* Ron Gage - May 29, 2006 - With newer versions of MySQL, there is such a thing + as a connection timeout regardless of activity. By default under MySQL 5, this + timeout is 28800 seconds (8 hours). If your vpopmail system runs fine for the + first 8 hours, then stops authenticating, this timeout is your problem (especially + under authdaemond). + + What this code does is when an error is encountered, it first tries to drop and + rebuild a connection to the SQL server and tries again. If this second attempt + fails, then something other than the connection timeout is the problem. This fix + need to be implemented in other places but in my setup (Slackware 10.2, netqmail, + vpopmail, courier-authdaemond, courier-imapd and a few others), this is always where + the auth attempt died with a SQL server has gone away error. + */ + + fprintf(stderr, Attempting to rebuild connection to SQL server\n); + vclose(); + verrori = 0; + if ( (err=vauth_open_read()) != 0 ) { + verrori = err; + return(NULL); + } + if (mysql_query(mysql_read, SqlBufRead)) { + fprintf (stderr, vmysql: connection rebuild failed: %s\n, mysql_error(mysql_read)); + return(NULL); + } } if (!(res_read =
RE: [vchkpw] Qmail Relaying
On Wed, 2006-07-12 at 15:38 -0500, Austin Jorden wrote: Ohhh, Okay. I completely understand. Sorry for such confusion. Not a problem. I actually used QmailRocks.org, the installation guide. Sorry, never saw it :( Would you be able to tell me how to let a certain IP address range relay? I appear to have a network specified in one of my lines 192.168.1.0/24:allow,RELAY= Though I'm not sure specifying the netmask is valid. You can try it. Not sure if you know netmasks - The /24 is the number of bits (where 255 is in binary, count the 1s and you have 8 bits. So 255.255.255.0 = ... = /24 ) Here's a page if you know what your starting and ending IPs are http://www.csc.fi/english/funet/calc/laskin2.html or just google 'netmask calculator' - there are more advanced ones. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/
RE: [vchkpw] Qmail Relaying
I'm almost a CCNA and taking my CWNA exam in a week. Here's what I have in my tcp.smtp file 127.:allow,RELAYCLIENT= 69.152.0.0/19:allow,RELAYCLIENT= Sound right? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:51 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:38 -0500, Austin Jorden wrote: Ohhh, Okay. I completely understand. Sorry for such confusion. Not a problem. I actually used QmailRocks.org, the installation guide. Sorry, never saw it :( Would you be able to tell me how to let a certain IP address range relay? I appear to have a network specified in one of my lines 192.168.1.0/24:allow,RELAY= Though I'm not sure specifying the netmask is valid. You can try it. Not sure if you know netmasks - The /24 is the number of bits (where 255 is in binary, count the 1s and you have 8 bits. So 255.255.255.0 = ... = /24 ) Here's a page if you know what your starting and ending IPs are http://www.csc.fi/english/funet/calc/laskin2.html or just google 'netmask calculator' - there are more advanced ones. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us as a SPAM Email server. How can I only allow relaying from certain domains? Hi Austin, Check the headers first to make sure they're actually coming from your server. If they're not, you can try using SPF spf.pobox.com - but that's still hit or miss. If /var/qmail/control/rcpthosts is empty, you'd have an open relay. It should list your local domains. Rick Basically only allow relaying from @domain.com, @domain1.com, @domain2.com, etc? Thanks, Austin Jorden (972)
Re: [vchkpw] vchkpw/vmysql and Mysql 5 with courier -authlib
On Wednesday 12 July 2006 13:48, tonix (Antonio Nati) wrote: At 18.24 12/07/2006, you wrote: The vpopmail module to authdaemon is might be missing the vpopmail vclose() function. At a first look, you are right. Following is the code related to closing connection. static void authvchkpwclose() { } It lacks any code relative to vpopmail vclose. But in my logs I don't have any reconnect trace, so I suppose authdaemon is always using the same connection (and I see it is growing anyway). The memory abuse must be elsewhere. how about running authdaemon under valgrind, then performing a couple thousand auth attempts against it? -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://www.pirate-party.us/ -- defend your rights pgpoof3ymduet.pgp Description: PGP signature
RE: [vchkpw] Qmail Relaying
On Wed, 2006-07-12 at 15:58 -0500, Austin Jorden wrote: I'm almost a CCNA and taking my CWNA exam in a week. Here's what I have in my tcp.smtp file 127.:allow,RELAYCLIENT= 69.152.0.0/19:allow,RELAYCLIENT= That's correct - though I'm not sure if using the /19 notation will work. According to: http://cr.yp.to/ucspi-tcp/tcprules.html Address ranges tcprules treats 1.2.3.37-53:ins as an abbreviation for the rules 1.2.3.37:ins, 1.2.3.38:ins, and so on up through 1.2.3.53:ins. Similarly, 10.2-3.:ins is an abbreviation for 10.2.:ins and 10.3.:ins. So I think I'd just do: 69.152.:allow,RELAYCLIENT= To get your users up and running until you can wrap your brain around the tcprules docs and narrow the range down a bit ;) Rick Sound right? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:51 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:38 -0500, Austin Jorden wrote: Ohhh, Okay. I completely understand. Sorry for such confusion. Not a problem. I actually used QmailRocks.org, the installation guide. Sorry, never saw it :( Would you be able to tell me how to let a certain IP address range relay? I appear to have a network specified in one of my lines 192.168.1.0/24:allow,RELAY= Though I'm not sure specifying the netmask is valid. You can try it. Not sure if you know netmasks - The /24 is the number of bits (where 255 is in binary, count the 1s and you have 8 bits. So 255.255.255.0 = ... = /24 ) Here's a page if you know what your starting and ending IPs are http://www.csc.fi/english/funet/calc/laskin2.html or just google 'netmask calculator' - there are more advanced ones. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE
RE: [vchkpw] Qmail Relaying
We actually own the whole 69.152.0.0/19 range (255.255.224.0) Yea, that's what I was thinking, let me try it and get back with you. Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 4:05 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:58 -0500, Austin Jorden wrote: I'm almost a CCNA and taking my CWNA exam in a week. Here's what I have in my tcp.smtp file 127.:allow,RELAYCLIENT= 69.152.0.0/19:allow,RELAYCLIENT= That's correct - though I'm not sure if using the /19 notation will work. According to: http://cr.yp.to/ucspi-tcp/tcprules.html Address ranges tcprules treats 1.2.3.37-53:ins as an abbreviation for the rules 1.2.3.37:ins, 1.2.3.38:ins, and so on up through 1.2.3.53:ins. Similarly, 10.2-3.:ins is an abbreviation for 10.2.:ins and 10.3.:ins. So I think I'd just do: 69.152.:allow,RELAYCLIENT= To get your users up and running until you can wrap your brain around the tcprules docs and narrow the range down a bit ;) Rick Sound right? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:51 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:38 -0500, Austin Jorden wrote: Ohhh, Okay. I completely understand. Sorry for such confusion. Not a problem. I actually used QmailRocks.org, the installation guide. Sorry, never saw it :( Would you be able to tell me how to let a certain IP address range relay? I appear to have a network specified in one of my lines 192.168.1.0/24:allow,RELAY= Though I'm not sure specifying the netmask is valid. You can try it. Not sure if you know netmasks - The /24 is the number of bits (where 255 is in binary, count the 1s and you have 8 bits. So 255.255.255.0 = ... = /24 ) Here's a page if you know what your starting and ending IPs are http://www.csc.fi/english/funet/calc/laskin2.html or just google 'netmask calculator' - there are more advanced ones. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972)
[vchkpw] Testing
Testing Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ smime.p7s Description: S/MIME cryptographic signature
Re: [vchkpw] vchkpw/vmysql and Mysql 5 with courier -authlib
tonix (Antonio Nati) wrote: At 18.24 12/07/2006, you wrote: The vpopmail module to authdaemon is might be missing the vpopmail vclose() function. At a first look, you are right. Following is the code related to closing connection. static void authvchkpwclose() { } It lacks any code relative to vpopmail vclose. But in my logs I don't have any reconnect trace, so I suppose authdaemon is always using the same connection (and I see it is growing anyway). The memory abuse must be elsewhere. Is anyone using authdaemon mysql authentication and having the same problems? Hi, I'm using authdaemon mysql but I'm not seeing that problem. Regards, Rick
RE: [vchkpw] Qmail Relaying
It worked. However I have 1 more problem. What if one of my customers ([EMAIL PROTECTED]) checked his email from work (not on the 69 network) it would deny it huh? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Austin Jorden [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 4:11 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying Importance: High We actually own the whole 69.152.0.0/19 range (255.255.224.0) Yea, that's what I was thinking, let me try it and get back with you. Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 4:05 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:58 -0500, Austin Jorden wrote: I'm almost a CCNA and taking my CWNA exam in a week. Here's what I have in my tcp.smtp file 127.:allow,RELAYCLIENT= 69.152.0.0/19:allow,RELAYCLIENT= That's correct - though I'm not sure if using the /19 notation will work. According to: http://cr.yp.to/ucspi-tcp/tcprules.html Address ranges tcprules treats 1.2.3.37-53:ins as an abbreviation for the rules 1.2.3.37:ins, 1.2.3.38:ins, and so on up through 1.2.3.53:ins. Similarly, 10.2-3.:ins is an abbreviation for 10.2.:ins and 10.3.:ins. So I think I'd just do: 69.152.:allow,RELAYCLIENT= To get your users up and running until you can wrap your brain around the tcprules docs and narrow the range down a bit ;) Rick Sound right? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:51 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:38 -0500, Austin Jorden wrote: Ohhh, Okay. I completely understand. Sorry for such confusion. Not a problem. I actually used QmailRocks.org, the installation guide. Sorry, never saw it :( Would you be able to tell me how to let a certain IP address range relay? I appear to have a network specified in one of my lines 192.168.1.0/24:allow,RELAY= Though I'm not sure specifying the netmask is valid. You can try it. Not sure if you know netmasks - The /24 is the number of bits (where 255 is in binary, count the 1s and you have 8 bits. So 255.255.255.0 = ... = /24 ) Here's a page if you know what your starting and ending IPs are http://www.csc.fi/english/funet/calc/laskin2.html or just google 'netmask calculator' - there are more advanced ones. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list.
RE: [vchkpw] Qmail Relaying
On Wed, 2006-07-12 at 16:17 -0500, Austin Jorden wrote: It worked. Excellent. However I have 1 more problem. What if one of my customers ([EMAIL PROTECTED]) checked his email from work (not on the 69 network) it would deny it huh? He could read his email, but he couldn't send to anyone that wasn't listed in your rcpthosts. You'll have to check with qmailrocks.org to see how they're implementing SMTP Relay. You can use POP before SMTP and/or SMTP-AUTH. I would suggest SMTP-AUTH - IMAP users don't generally POP before sending mail. You'll also have to keep in mind that some ISP's block outgoing port 25, so you may want to add port 587 (smtp-submit) if that isn't already included in the qmailrocks.org setup. I'm done working for the day ;) Have fun! Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Austin Jorden [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 4:11 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying Importance: High We actually own the whole 69.152.0.0/19 range (255.255.224.0) Yea, that's what I was thinking, let me try it and get back with you. Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 4:05 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:58 -0500, Austin Jorden wrote: I'm almost a CCNA and taking my CWNA exam in a week. Here's what I have in my tcp.smtp file 127.:allow,RELAYCLIENT= 69.152.0.0/19:allow,RELAYCLIENT= That's correct - though I'm not sure if using the /19 notation will work. According to: http://cr.yp.to/ucspi-tcp/tcprules.html Address ranges tcprules treats 1.2.3.37-53:ins as an abbreviation for the rules 1.2.3.37:ins, 1.2.3.38:ins, and so on up through 1.2.3.53:ins. Similarly, 10.2-3.:ins is an abbreviation for 10.2.:ins and 10.3.:ins. So I think I'd just do: 69.152.:allow,RELAYCLIENT= To get your users up and running until you can wrap your brain around the tcprules docs and narrow the range down a bit ;) Rick Sound right? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:51 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:38 -0500, Austin Jorden wrote: Ohhh, Okay. I completely understand. Sorry for such confusion. Not a problem. I actually used QmailRocks.org, the installation guide. Sorry, never saw it :( Would you be able to tell me how to let a certain IP address range relay? I appear to have a network specified in one of my lines 192.168.1.0/24:allow,RELAY= Though I'm not sure specifying the netmask is valid. You can try it. Not sure if you know netmasks - The /24 is the number of bits (where 255 is in binary, count the 1s and you have 8 bits. So 255.255.255.0 = ... = /24 ) Here's a page if you know what your starting and ending IPs are http://www.csc.fi/english/funet/calc/laskin2.html or just google 'netmask calculator' - there are more advanced ones. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should
Re: [vchkpw] vchkpw/vmysql and Mysql 5 with courier -authlib
At 23.02 12/07/2006, you wrote: On Wednesday 12 July 2006 13:48, tonix (Antonio Nati) wrote: At 18.24 12/07/2006, you wrote: The vpopmail module to authdaemon is might be missing the vpopmail vclose() function. At a first look, you are right. Following is the code related to closing connection. static void authvchkpwclose() { } It lacks any code relative to vpopmail vclose. But in my logs I don't have any reconnect trace, so I suppose authdaemon is always using the same connection (and I see it is growing anyway). The memory abuse must be elsewhere. how about running authdaemon under valgrind, then performing a couple thousand auth attempts against it? I never used it. I'll give it a try (hope next week). Thanks, Tonino -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://www.pirate-party.us/ -- defend your rights
RE: [vchkpw] Qmail Relaying
On Wed, 2006-07-12 at 16:05 -0500, Rick Romero wrote: So I think I'd just do: 69.152.:allow,RELAYCLIENT= You should add the line as below so as not to add the entire /16 which im sure you dont want to be a relay for. 69.152.0-31..:allow,RELAYCLIENT= cheers Shane To get your users up and running until you can wrap your brain around the tcprules docs and narrow the range down a bit ;) Rick Sound right? Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:51 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:38 -0500, Austin Jorden wrote: Ohhh, Okay. I completely understand. Sorry for such confusion. Not a problem. I actually used QmailRocks.org, the installation guide. Sorry, never saw it :( Would you be able to tell me how to let a certain IP address range relay? I appear to have a network specified in one of my lines 192.168.1.0/24:allow,RELAY= Though I'm not sure specifying the netmask is valid. You can try it. Not sure if you know netmasks - The /24 is the number of bits (where 255 is in binary, count the 1s and you have 8 bits. So 255.255.255.0 = ... = /24 ) Here's a page if you know what your starting and ending IPs are http://www.csc.fi/english/funet/calc/laskin2.html or just google 'netmask calculator' - there are more advanced ones. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:34 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 15:26 -0500, Austin Jorden wrote: My email server's rcpthosts file has: Dptexas.net Digitalpathtexas.net Dptexas.com Digitalpathtexas.com Any users locally ([EMAIL PROTECTED]), etc can't send mail to anything remote (yahoo.com, aol.com, etc) I need this to be enabled! However I can't have someone connect to my SMTP service and send a email to [EMAIL PROTECTED] from [EMAIL PROTECTED] Make sense? Yes, but the RELAY option is done by IP address. If you want to enable roaming users (people on dial-up, people who have dhcp - ie, people who aren't on your LAN) you'll have to consult your distribution or whoever put your setup together (the toaster author?). That's more of a qmail function than a vpopmail function, as the relay options are compiled into the qmail programs. I use Matt Simerson's toaster, maybe you followed Life with Qmail? If you just want your whole LAN to relay, put this in your tcp.smtp file before recompiling it: 192.168:allow,RELAYCLIENT= That will allow anyone with a 192.168.x.x address to relay through your mail server. Use whatever IP Address scheme is setup on your network. Though you really should double check with your setup docs for file locations and relay options and the like... Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 3:00 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 14:08 -0500, Austin Jorden wrote: Okay, they're all there. However if I try to send mail to @yahoo.com I get a failure notice saying can't send to blah as it isn't in my rcpthosts list Thoughts? You'll have to enable relaying in some fashion. That depends on your install, and is really more than should be on this list. Assuming you run tcpserver, and if you don't need roaming, you can add your IP address to your vopmail/etc/tcp.smtp file: 127.0.0.1:allow,RELAYCLIENT= Then recompile it from in your vpopmail/etc directory: tcprules tcp.smtp.cdb tcp.smtp.tmp tcp.smtp So assuming you're starting qmail-smtpd in a way that checks that file, that would allow 127.0.0.1 to relay. Rick Thanks, Austin Jorden (972) 284-4909 Digitalpath of Texas http://www.dptexas.net/ -Original Message- From: Rick Romero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 12, 2006 1:29 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Qmail Relaying On Wed, 2006-07-12 at 09:16 -0500, Austin Jorden wrote: I have several thousands of FAILURE NOTICES coming in to my account. I know how-to change them over to another account, etc.. but I shouldn?t be receiving this many. Some places are obviously using us